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Doscrlption 

Background of the Invention 

1 . Field erf the Invention 5 

The present Invention relates to the field ol data 
processing, and in particular, to a method and apparatus 
lor controlling the dissemination of digital intomnation. 
Furthemrvore, the present invention provides transpar- 
ent access to uncomrolled digital Informatton together 
with controlled digital information with the same access 
apparatus. 

2. Description of the Related Art 

The distribution of original works - whether be it text, 
graphics, anirratlon, video oraudb - In magnetic, elec- 
tronic, optical or any other medium is becoming popular. 
Advances in digital compression technology and im- 
provement In the price/performance ratio of computers 
have made it economical and feasible to disseminate 
digital information in such "sc^'fomis. However, original 
works encoded in digital medium can be easily duplicat- 
ed, encrypted, transmitted viacommunicatk}n networks 
and destroyed. For the remainder of the descrlptkan of 
the present invention, original works encoded in digital 
medium shall be referred to as digital Informatk^n. The 
push factors, i.e., easy access and maniputatk>n, that 
make digital lnfonmatte>n a rival to the traditional hard 
copy forms, I.e., books, newspapers or microfiches, 
have also made it difTicutt to establish evidence of illegal 
usage such infornnatton. 

With respect to the distribution of hard copies of 
original works, copyright and publishing laws strike a 
balarkce between the twin goals of compensating the 
publisher/author and of maintaining reasonable cost to 
the end users. It is straightforward to establish evidence 
of making illegal copies of hard copy of original works. 
The main thrust of copyright artd publishing laws Is to 
establish evidence of illegal possessksn. 

In contrast, evidence ol illegal possessbn of digital 
Information Is difficult at best and at worst Impossible to 
obtain. The present inventbn proposes to control the us- 
age of distributed digital information as an alternative. 
By usage, the present invsntbn refers to the number 
and timing of the accesses specified by the information 
provkier. 

Prior art controls the dissemination of software pro- 
grams only with copy protectton schemes. Copy protec- 
tion relies on hardware or software artifacts to detect 
and prevent illegal copying of scrftware programs. En- 
cryption is sometimes used to provkie copy protectk>n. 
Some recent examples of copy protection schemes are 
U.S. patent No. 4,666,769 to Karp and U.S. patent No. 
4,903,298 to Chandra et al. 

U.S. Patent No. 4,903,296 claims copy protectton 
of software on magnetic medium with a special key hav- 
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ing two marks mads on the surface of the medium. 
These marks are in the form of absence of material and 
domains that cannot be formed by conventional mag- 
netk^ disk write heads. Additionally, an encrypted key 
whbh is critk»] for running the applicatksn is built into a 
special purpose hardware subsystem. Finally the hard- 
ware subsystem is required to decrypt the key. 

U.S. Patent No. 4,866,769 teaches a method of 
copy protectkjn of personal computer software distrib- 
uted in diskettes through the use of a unique kientifk^a- 
tk>n stored In read only memory of a personal computer. 
A source ID is provkled with every sc^ware distributed. 
The persona] computer ID is used with the source ID on 
the distribution diskette to produce an encoded check 
word, using any available encryption method. This 
check word Is then used to verify that the software Is 
being used on the designated personal computer 

While U.S. Patent Nos. 4,903,296 and 4.866,769 
disclose off-line schemes for controlled dissemination 
of software, U.S. Patent No. 4,999,606 describes a cen- 
tral station distributing software over telephone lines - 
an on-line scheme for software dissemination. The cen- 
tral station transmits an acceptarice code to a caller and 
then temnir^tes the call. After verifying the caller's credit 
infomnatk)n, the central statbn calls the purchaser back 
and continues with the transactk»i only after receiving 
the acceptance code. The central station then transmits 
a Control Transfer Program and Initlalizatkitn Program 
to the purchaser. The purchaser executes the Initializa- 
tton Program to turn over control of the purchaser's com- 
puter to the central station. The Control Transfer Pro- 
gram makes sure that no memory resklent copying pro- 
granns are mnntng before transmitting over the tele- 
phone line the purchased/leased program to the pur- 
chaser's computer Thereafter the varkaus transmitted 
programs are erased, leaving only a copy of protected 
version of the purchased program on the purchaser's 
disk. 

To prevent unauthorized copying and use of infor- 
nnalion, prksrart copy protection schemes require either 
introducing artificial irx^k^aas software keys or requiring 
special hardware sutwystems. Not only ere these solu- 
tbns costly to both the Inf ormatk»i providers and the end 
users as they require additbnal processing steps, but 
they are also Incompatible with the trend of encouraging 
concurrent use of different types of information in a net- 
work environment Furthermore, the prbr art copy pro- 
tection schemes provkie limited control overthe dissem- 
ination of digital informatron in that they prevent unau- 
thorized copying erf software but not "uses' of such In- 
formation. 

Absent from the prbr art Is the dissemination of un- 
controlled informatbn. By uncontrolled infomDation, the 
present Inventton refers to a portbn of the Information 
wh teh the Infomnatton provider has deckled to let the end 
user view without registering it as a 'use" of the control- 
led Informatkvi. Typk:ally, the uncontrolled Infonmatlon 
is either at a k>war resdutkvi compared with the control- 
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tsd information or it comprises a selected portion o1 the 
controlled Infom^lon which allows the end user to 
make an informed decision whether to eubscribs or use 
the controlled Information. Examples uncontrolled In- 
formation are the preview of a movie, or a demonstration 
version of the controlled software, or even an at)stract 
of a patent document. Hitherto, prior art Information dis- 
semination system does not penrtit the trar^parent ac- 
cess of uncontrolled digital Information with the same 
access device as that for accessing the control led digital 
Information. 

In the articles The concept of a Software Service 
System (BBS)' arxi 'Implennentation of a Small-Scale 
Prototype tor Software Sen^lce System (SSS)* by Mori 
and Tashiro. Systems and Computers in Japan, Vol. 19, 
No.5 1988, pages 38-60, a software licensing system Is 
described in which software access rights are encrypted 
In a header which Is distributed with the software. In this 
SSS system, any modification of access rights (decre- 
menting a number-of-accesses counter, for example) is 
performed using a special tamper-proof "SSS-Box". 

Summan/ ot the Invention 

The present invention relates to a method for con- 
trolltngthe dissemination of digital infomiation as set out 
in c^m 1, and claim 4. 

Brief Description of the Drawings 

FIQ. 1 Is a model of Information dissemlnallon. 

FIG. 2 illustrates a logical structure of a Sealed Con- 
trolled Informatton (COIN) according to a first embodi- 
ment of the present invention. 

FIQ. 3 shows the architecture of a device used by 
an infomnation corwumer for accessing the controlled in- 
formation according to the first embodiment of the 
present invention. 

FIG. 4 illustrates the logical flow of how the Sealed 
caN is prepared by an Information provider. 

FIGS. 5A & 5B show the iogical flow of the controller 
In the access device according to the first embodiment 
of the present Invention. 

FIG. 6 illustrates the architecture of an access de- 
vice for a system for controlled dissemination of digital 
information according to the second smiDodiment of the 
present invention. 

FIG. 7A illustrates a possible format of the logical 
stnjcturec^ Sealed COIN used in a second embodiment 
of the present Invention. 

FIG. 7B illustrates a possible format of the logical 
structure of the Sealed Opener which cooperates with 
the Sealed COIN used in the second embodiment of the 
present Invention. 

FIQ. 8 Illustrates the flow diagram of the Information 
provider used in the second embodiment of the present 
Invention where a Sealed COIN Is generated. 

FIG. 9 shows the flow dkgram of the informatbn 



provider used in the second embodiment of the present 
Invention where an opener for accessing the sealed 
COIN in FIG. 8 is generated. 

FIQ. 1 0 Illustrates the logical flow of the overall proc- 
5 ess of on-line controlled dissemination of information 
according to the second embodiment ot the present 
Invention . 

FIGS. 11 A and B illustrate the flow diagram of the 
caitroller In the access device according to the second 
10 embodiment of the present invention. 

Detailed Description (rfthe Invention 

A method and apparatus for controlling the dlssem- 
'fi tnation of digital information is described. In the follow- 
ing description, numerous specific details are set forth 
such as logical structures of digKal information and pro- 
gram steps, etc. In order to provide a thorough under- 
standing of the present invention. It will be obvious to 
one sidlled in the art that the present invention may be 
practiced without these specific details. In other Instanc- 
es, well-known steps such as those involved with en- 
cryption and decryption data are not shown In order 
not to obscure the present invention. 

25 

Notation and Nomenclature 

The detailed description with respect to the control- 
led dissemination of digital information Is presented par- 

30 tially In terms of algorithm and symbolic representation 
upon operation on data bits within a computer memory 
These algorithmic descrqstions and representations are 
the means used by those sidlled In the data processing 
art to convey most effectively the substartca of their work 

35 to others skilled In the art. 

An algorithm is here, and generally, oortceivedto be 
a self-consistent sequence of steps leading to a desired 
result. These steps require physk»l manlpulatton of 
physical quantities. Usually, though r\o\ necessarily, 

40 these quantities take the form of electrical, optical or 
magnetb signals capable of being stored, transfered, 
combined, and othenivlse manipulated. It proves con- 
venient at times, principally for reason of common us- 
age, to refer to these signals as bits, values, elements, 

45 symbols, characters, numbers or the like. It should be 
bome in mind, however, that all of these and simi^ 
terms are to be associated with the appropriate physical 
quantities and are merely convenient Iai9els applied to 
these quantities. 

so Further, the manlpulattons performed are often re- 
ferred to in terms such as adding or comparing, whch 
are conrvnonly associated with the mental operattons 
performed by a human operator. No such capability of 
a human operator is necessary, or desirable. In most 

ss cases. In any ol the operattons described herein whtoh 
form part of the present inventk)n, the operations are 
machine operattons. Useful machines for performing 
the operations of the present invention include general 
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purpose digital compulsiB or similar devices. In all cas- 
es, It shoukj be borne In mind that there Is a dIstlrKllon 
between the method operation in operating a computer 
or other apparatus and the method of computation ttsetf. 
The present invention relates to method steps for pro- 5 
viding better control over the dissemination of digital In- 
formation. 

The present Invention also relates to an apparatus 
for performing these operatlorw. This apparatus may be 
specially constructed for the required purpose or it may 
comprise a general pu rpose computer as selectively ac- 
tivated or reconfigured by a computer program stored 
In the computer. The algorithms presented herein are 
not Inherently related to any particular computer or other 
apparatus. In particular, various general purpose ma- 
chines may be used with programs written In accord- 
ance with the teachings herein, or it may prove more 
convenient to construct specialized apparatus such a 
dedicated processor to perfomn the required method 
steps. The required stmcture for a variety of these nna- 
chlnes would appear from the description given below. 

GENERAL SYSTEM CONFIGURATION 

A general model of information dissemination is 
shown In FIG. 1. Here, the Information Provider 10 re- 
fers to a supplier of all types o1 information irrcluding but 
not restricted In fomn to text, graphics, animation, video, 
audio, software, or any combinatbn thereof. The trar^ 
mission channel 20 represents the means and more 
specifically the media through which Information Is de- 
livered to the Information Consumer 30 over paths 15 
and 25. The transmission channel 20 Includes but Is not 
limited to any communication means or media such as 
computer networks, satellite IlnKs, diskettes, optical 
disks or other storage nrvedium. It should also be under- 
stood by one skilled in the art that Information Consumer 
30 Is used interchangeably with one or more end users 
of information. The present invention chooses the word 
'hfomnailon consumer' to highlight the use-once nature 
of the controlled informatbn. In other words, once con- 
trolled Information Is cor^sumed, the original Informalton 
no tonger exists In a usable form and the re-access to 
the same informatbn is ncH automatic. The use-once na- 
ture can be generalized to use-n-tlme, I.e., once the con- 
trolled information has been used for n tinrtes, it no longer 
exists in a usable form. 

This invention teaches methods and apparatus for 
an information provider to prepare informatbn packag- 
ing for dissemination. These methods are going to be 
described in specific steps of manipulating information. 
For one skilled In the art, It Is obvious thai some of these 
steps shall be best automated by. for example, imple- 
menting them as a special purpose software, which is 
normally called a sender, running on general purpose 
computers. It is also clear that an information provider 
could simultaneously Instantiate multiple executbns of 
the server to serve multiple information consumers. For 



clarity of presentatbn, the dascriptbn below shall elab- 
orate on the nnodel having one provber and one con- 
sumer in our description. It is also clear that an inforrre- 
tbn consunrter may also be another Information provb- 
er. 

FIRSTEMBODIMENTOFTHE PRESENT INVENTION 

1 . Preparatbn of distributbn package 

FIG. 2 illustrates a k>gk:al structure of a Sealed Con- 
trolled Infomnation (COIN) according to a first embodi- 
ment df the present invention. The Sealed COIN is pre- 
pared by an Informatbn provider once the Information 
consumer agrees to the [sTwa of an information distri- 
butbn contract. The first embodiment of the present In- 
vsntbn describes an off-line scheme where the trans- 
mlssbn channel 20 comprises any kind of non-volatile 
storage medium such as a floppy disk, a hard disk, an 
optbal disk arxJ other non-volatile sembonductor stor- 
age devbes. An Information distribution contract con- 
tains ata minimum the identity of controlled infonnation, 
the number of accesses, and the type of transmission 
medium 

Referring again to FIG. 2, the bgical structure of the 
Sealed Controlled Infornnatbn (COIN) comprises a 
header 35 and a body 40. COIN refers to the original 
Informatbn encoded In some "sofr form (e.g., electron- 
ic, nnagnetb or optbal) that the Informatbn Provider 1 0 
shall provbe to the Information Consumer 30 for his ac- 
cess for a predetermined number of times. COIN Is en- 
coded or sealed by using some scheme such that ac- 
cessing the COIN without a valid decryption key Is com- 
putatbr^lly intractable. The he^r 35 further contpris- 
es a plurality of fields: a medium signature 36, an access 
window 37 (AW), total numberof b^ accesses albwed 
3B (TAL), the number of legal accesses left 39 (LAL), 
and TAL number of encryptbnAJecryptbn keys 41 (K^ 
to Kt-al). The medium signature 36 refers to any scheme 
whbh allows a distributbn medium, such as a floppy 
disk, to have a unque bentificalbn. Preferably, this sig- 
nature depends upon the characteristics or nonunlform- 
Itles of the distribution medium. For an exampb of a suit- 
able medium signature, please refer to the pending U. 
S. appllcatbn serial No. 08/120.969. filed 13 September 
1993. by the same assignee as the present invention. 
The AW 37 refers to a specified time perbd within which 
a legal access is granted to the informatbn consumer 
for accessing the COIN. A start and end time is given 
as the boundary of the access window In which the In- 
fomnation Consumer 30 can aocese the disseminated 
infornnalbn legally. TAL 38 Is the total number of bgal 
accesses to the COIN granted by the Informatbn Pro- 
vber 1 0 to the Information Consumer 30 under an Infor- 
nnalbn dissemination contract LAL 39 the number ot 
legal accesses left; it is the difference between TAL and 
the number of accesses already granted. When LAL Is 
equal to zero, access to COIN shall be denied. to 
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Ktal 41 are keys used for decrypting the COIN in the 
body 40. Preterably the encryption and decryption 
scheme erf to Kjj^ 41 is based on Public Key Cryp- 
tography (PKC) which allows the Inlormatlon provider to 
transmit secret messages to the access device without 
priortransmlsslon of a s^ret key. Under PKC, each par- 
ty has a pair of keys - one secret (known only to Itself) 
and one public (known to everyone like a telephone 
number In a telephone directory). In other words, the In- 
formation provder has a secret key (SSK) and a public 
key (SPK) while the access device has a secret key 
(DSK) and a public key (DPK). When the information 
provider sends a secret message to the inf omrration con- 
sumer, the Inforrrtatbn provider uses the access de- 
vice's public key (DPK) to encrypt the nrvessage. Only 
the access device can decrypt the encrypted message 
by using its own secret key (DSK). For further reference 
on PKC, see R.L RIvest, A. Shamir and L Adieman: 'A 
Method for CMainIng D^itai Signature in Public-Key 
Cryptosystem^ Communbations of the ACM, Vol. 21, 
No. 2. February 1978, pp. 120 - 126. Also see D.E.R. 
Denning, Cryptography and Data Security Addision- 
Wesley Reading, MA, 1983. 

Once the I nf ormatnn Consumer 30 agrees with the 
Informatbn Provkier 10 on the temns of the distribution 
contract, Information Provider 1 0 executes a procedure 
as outlined in FIG. 4 beginnong with step 60 to produce 
a distrlbutton medium Incorporating the sealed COIN. In 
step 62 TAL number of keys, K^ to K-p^ , are generated 
lor encrypting COIN In the body 40. Although PKC Is 
reten'ed In the embodiment of the present invention, any 
method of encryption is applicable. Next, a medium sig- 
nature 36 is created from the particular distribution me- 
dium on which COIN is to be distributed. Pending U.S. 
applk^ation serial No. 08^120,969, filed 13 September, 
1 993, and assigned to the same assignee as the present 
invention exemplifies one of many ways of generating 
a medium signature. In step 66, COIN Is encrypted with 
K^ . It follows that the body 40 of the sealed COIN is gen- 
erated. In step 68, the header 35 Is prepared next. Ini- 
tially the value LAL 39 is set to be identical with that ot 
TAL 38. By concatenating AW 37, TAL 38, LAL 39, K, 
to KjAL 41. and medium signature 36 as illustrated In 
FIG. 2, the header 35 is then encrypted in step 68 using 
the public key DPK of the Information consumer's ac- 
cess device. The encrypted header 35 and the encrypt- 
ed body 40 constitutes the sealed COIN and Is written 
onto the distributed medium in step 70. 

2. Access of infomiatlon 

It is assumed that the Informatton Consumer 30 has 
some device, for example a computer, to access the in- 
formatbn in the distributed medium. The minimum en- 
hancements to such a device for accessing COIN are 
shown in FIG. 3. A Controller 45 is coupled at its input 
to an informatkvi input channel 27 for receiving dissem- 
inated information from the read device (not shown) of 



distrisuted medium. The Controller 45 is also coupled 
at one of Its outputs to an Information output channel 29 
for transmitting re-encrypted informatkin to the write de- 
vk:e (not shown) of the distributed medium. The function 

s Controller 45 shall be described bekiw in the descrqa- 
tk)n of FIQ. 5. It should be understood by one skilled In 
the art that the Controller 45 can be implemented fully 
in hardware or by a general purpose processor with the 
appropriate software. The cc^troller 45 Is also coupled 

10 at the other output to an output unit 50 over a link 47 for 
displaying the disseminated informatbn. The output unit 
50 could be a display unit for text/graphics/animatbn/ 
vkieo or a transducer for audio information. The output 
unit 50 could itself be a devbe for distributing controlled 

ts information to other infomnation consumers. The con- 
troller 45 is also coupled to a cbck 55 over link 49 for 
counter-checking whether the real time is within the 
boundary of the access whdow AW 37. Preferably, the 
cbck 55 and the access devbe are tamper-procrf such 

^ that the infonnatbn consumer nnay not tap into the link 
47 nor alter the value of the cbck 55. It should be un- 
derstood by one skilled in the art that the controller has 
means to Interact with the user, the details ot which are 
omitted in order not to obscure the description of the first 

^ embodiment of the present invention. 

FIGS. 5A & 5B sumnnarlzes the logical flow of the 
Controller 45 of the access device in accordance to the 
first preferred embodlnr>ent of the present Inventbn. 
When the Infomnation Consumer 30 wishes to access 

30 the sealed COIN, he or she loads In step 80 the medium 
read/write devbe with the distribution medium (not 
shown) containing the sealed COIN. The Controller 45 
of the access device Is presented with the information 
read from the medium readAwrite device v'e the input 

3s channel 27. The Controller 45 chocks in step 82 whether 
the informatbn at the input channel 27 is encrypted. If 
the informatbn is unencrypted, I.e., uncontrolled infor- 
mation, the Controller 45 albws the Information at the 
input channel 27 to pass directly in step 84 to the output 

40 unit 50 over the link 47. However, If the Informatbn at 
the input channel 27 Is encrypted or controlled, the Con- 
troller 45 decrypts the header 35 of the sealed COIN by 
using in step 88 the secret key DSK of the access de- 
vice. As mentk^nsd above, the secret key DSK is un- 

46 known to the Information Consumer 30, Next In step 90, 
the Controller 45 checks whetherthere are any legal ac- 
cess left by testing the value of LAL 38 for zero. If there 
are no legal accesses left, the value of LAL 38 = 0 arKi 
an evade processing module is Invoked in step 92 which 

so either denies the Information access or erases the con- 
tents of the nr^ium. The specific actbn depends on a 
particular embodinr>ent of the inventbn. Should the val- 
ue of LAL be greater than zero, then the Controller 45 
compares In step 94 the value of the access window AW 

^5 37 with the time of the clock 55. if the cun^ent time falls 
outside of the boundary of the AW 37, the evade 
processing module In step 92 Is Invoked. Othenwise, the 
Controller 45 checks in step 96 whether the medium sig- 
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nature 36 corresponds with the signature read from the 
input channel 27 and that of the output channel 29. K 
the medium signature 36 does not match, the sealed 
COIN Is stored ona copied medium. An evade process- 
ing module as in step 92 is invoked. Otherwise, the Con- s 
troller 45 confirms that the Information Consumer 30 has 
a right to access the sealed COI N on the distribution me- 
dium. 

It should be obvious to those skiiled In the art that 
the oontroiterol the access devce of the present inven- 
tion permits the infomnation consumer to access trans- 
parent^ uncontrolled artd controlled information in an 
off-line manner by using the same access device. While 
the present Invemlon obviates the task of switching back 
and forth between at least two access devices, it also 
allows the Information provkier to distribute uncontrolled 
and controlled informatkxi in one package. With greater 
information at the disposal of the intonmatlon consumer, 
usage of controlled information under the terms of the 
Information provider is encouraged. 

After the Controller 45 determines that the Infornria- 
tion Consumer ^ has a right to access the sealed COI N 
on the distribution medium h FIG. 5A, the controller ex- 
tracts in step 95 the encryption/decryption key Ky^ 
' LAL+ 1 header 35. The Controller 45 disables 

dumping of decrypted Informatton via the output channel 
29. The Controller 45 then decrypts the sealed COIN by 
using the key Kt-al-lal* i step 98- *^^e decrypted In- 
formation, COIN, is provided in step 100 in FIG. 5 B as 
output to the output unit 50 over the link 47. It follows 
that the Infomnatbn Consumer 30 accesses the COIN 
transparently while the Controller 45 checks, valklates, 
encrypts and decrypts the appropriate controlled Infor- 
mation automatbally. In step 102 the Controller 45 dec- 
rements the value of the LAL by one. The header 35 
thus become modified header 35*. Should the value of 
LAL equals zero as tested in step 104, then a 'disable 
infonmadon access" module Is Invoked In step 106 which 
for example, erases the sealed COIN from the distrbu- 
tlon medium. If the value of LAL Is > 0, then the Control- 
ler 45 extracts the encryption/decryption key 
*^TAL-LAL+2 encrypis the COIN In step 108. The 
Controller 45 then encrypts the modified header 35' by 
using the public key DPK of the access devk:e. Finally 
the Controller 45 writes the new sealed COI N generated 
by this encrypted COIN 40 and the encryption of the 
modified header 35' onto the distribullon medium via 
output channel 29 in step 110. Thus, the procedure de- 
scribed in FIGS 5A and SB implements a "use-n-times' 
controlled informatbn scheme that give the Information 
provider enhanced control over the disseminat k)n of dig- 
ital Infomnatkwi. 
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SECOND EIS^BODIMEIsn- OF THE PRESENT 
INVErsfTION 

1. Overall system set-up and operattons 

The second embodiment of the present Inventbn 
describes an on-line scheme for controlled dissemlna- 
\\on of digital informatbn. Referring once again to FIG. 

I, the transmission channel 20 comprises a variety of 
communicatkxi links between the Informatk^n Provider 
10 and the Infomnatton Consunrwr 30. For instar^e, the 
transmission channel 20 could include a computer net- 
work or even telephone lines. 

The architecture of an access device modeling the 
Infomnatlon Consumer 30 for an on-line scheme is illus- 
trated In FIG. 6. Controlled Information from the trans- 
missbn channel 20 is presented to the Information Con- 
sumer 30 over an Input channel 27 whtoh Is coupled to 
a Controller 48. The 1 unctbns the Controller 48 shall 
be elaborated in oonnectkui with the descrptbn of FIG. 

I I . The Controller 48 can be Implemented either In hard- 
ware or by a general purpose processor with proper soft- 
ware. Refeahg again to FIG. 6, the Controller 48 Is cou- 
pled to an output unit 50 over a clear channel 47. Just 
as in the first embodiment of the present invention, the 
output unit 50 comprises a device lor outputting control- 
led information or a mechanism for distributing control- 
led Infonmation to others. The Controller 46 Is also cou- 
pled to a memory storage 52 and a dock 55 for reasons 
which shall be explained beksw The Controller 48 Is 
coupled to an output channel 29 for outputting re-en- 
crypted controlled information. Preferably, the various 
channels coupled to the Controllers 48 are tamper- 
proof. This will make it impossible for users to tap into 
the clear channel 47, to access the Controller 48, to alter 
the value of the memory storage 52, or to change the 
value of the cbck 55. It shouki be understood by one 
skilled in the art that the controller has means to Interact 
with the user, the details of which are omitted in order 
not to obscure the description of the second embodi- 
ment of the present inventbn. 

The objective of the on-line scheme ot controlled 
dissemination of digital Informatbn Is to achieve Im- 
proved control of the delivery of informatbn so that once 
the information Is accessed by the informatbn consum- 
er for a specified number of times, the infonnatbn no 
bnger exists In a usable form without authorlzatbn from 
the information provider. The enhanced control of infor- 
nnatbn dissemir^tion is achieved by using encryption 
and by limiting an intonmatlon consumer's access at a 
designated legal access device during an access win- 
dow. 

In order to achieve the above mentioned controls, 
the encrypted COI N Is packaged with some control data, 
whbh Is called the "header" while the encrypted COIN 
is called the "bodyV The header and body together are 
called the Seabd-COIN. A user presents the Sealed- 
COIN together with atbkst to the access devbe in order 



IB 



20 



2S 



30 



3S 



40 



46 



SO 



6 



11 



EP0 672 g91 B1 



12 



to accas8 the COIN. This ticket is called "Seal Opener" 
or juat "Opener" for short. The Openers are Issued by 
the Information Provider at user's request. FIGS 7A and 
7B Illustrate possB3l6 bglcal structures erf Sealed-COIN 
and Seal Opener for realizing the second ennbodiment 5 
of the present Invention. Bebware definitions erf specific 
terms and acronyms needed Inthe rest of the descrip- 
tion: 

COIN Original intonnation encoded in some digital 
form; identified by unique Identtflcatlon, IID. 

TAL Total number dS legal access to the COIN al- 
lowed by the Information provldor to informa- 
tion corwumsr. 

LAL Number of legal access left. 

LAD The device on which the COIN can be ac- 
cessed legally- 
Pi D Unique identification number of informatbn 
provider. 

UID Unique identification number of infomnation 
consumer. 

CID Unique Identification of a contract of Inforrmi- 
tion dissemination. Logically a contract asso- 
ciates PID, IID, TAL, LAD and UID. 

AW Access window is thetime during which a legal 
access is granted to COIN. 

An agreement or contract of infomnation dissemina- 
tion (CID) between an information provkJer and an in- 
formation consumer provides at a minimum that the in- 
formation provider shall provide some COIN to the In- 
formation cc^umer for TAL number of legal accesses 
on certain LAD. As such, CID associates with PID, IID, 
TAL, LAD ard UID respectively. In the simplest form, a 
CID Is formed by cor^^tenating PID, IID, TAL, LAD and 
UID as Illustrated logically In FIQ. 7A. It should be un- 
derstood by one skilled in the art that although the fields 
1 21 to 1 29 In FIQ. 7A are drawn in some order, the struc- 
ture of CID 120 in any implementation is not bound by 
this order and arrangement. Similarly, the generality of 
the preceding comments applies to FIG. 7B. CID 1^ 
expires when all of TAL 125 number of accesses have 
been made. 

Referring again to FIG. 7A, a SealedCOIN com- 
prises a header 119 and a body 130. As mentioned 
above briefly, body 30 is the original COIN which has 
been encoded by using sorne encryption scheme so that 
obtaining the COIN without a valid decryption key Is 
computatior^lly intractable. The decrypted header 119 
further comprises three flelcte: CID 120, LAL 122 and 
keys 124. Keys 124 consist of TAL number of keys K^, 



K2, ... , K-iAL- T^oy ^0 u^ci to decrypt the body and fur- 
ther encrypt the COIN to form new Sealed-COIN. 

FIG. 7B shovra the logical stmcture of a Seal Open- 
er. It too has a header 1 40 and a body 1 45. The header 
1 40 has twoHelds: CID 1 31 and AW 1 42. CID 1 31 of the 
Opener is Mentlcal to the CID 120 the Sealed-COIN. 
The AW 142 holds a number access windows during 
which the infomnation consumer may access the COIN. 
The body 1 45 contains a decryption key Kh for the head- 
er 119 of the Sealed-COIN in FIG. 7A. The key Kh is 
nnalntained tor the life clt contract CID. For the second 
embodiment of the present inventkvi, a Public Key Cryp- 
tography scheme as well as a conventior^ai secret key 
scheme are used to Illustrate the on-line scheme of in- 
formation dissemination. With respect to a Public Key 
scheme, the present Invention denotes the secret and 
public keys of infomnation Provider 1 0 by PSK and PPK, 
respedh/ely, and the secret and public keys of the ac- 
cess device by DSK and DPK, respectively. 

FIG. 10 illustrates the logical fbw of the overall proc- 
ess of on-line controlled dissemination of Information of 
the present invention. The on-line scheme of the present 
invention commences with tine establishment of a con- 
tract between an information Provider 10 and an infor- 
mation Consumer 30 in step 168 of FIG. 10. At this junc- 
ture, a CID and Its associated flekis PID 121, IID 123, 
TAL 125, LAD 127 and UID 129 are stipulated in the 
contract. Based on this Information, the infomnation Pro- 
vkier 10 generates a Sealed-COIN as illustrated in FIG 
6, and transmits It over the transmission channel 20 to 
the infonnnation consumer In step 170 of FIG. 10. The 
informatk)n consumer then makes an request to tins in- 
formation Provkier 1 0 over the same channel in step 1 72 
of FIG. 10. After verifying the informatkxi consumer's 
request In step 1 74 of FIG. 1 0, the Information Provider 
10 generates an Opoier as outlined in steps 160-166 
of FIG. 9 and transmits the Opener to the intomnatbn 
consumer In step 174 d FIQ. 10. The infomnatkn con- 
sumer presents the Sealed-COIN received earlier and 
the Opener to Controller 46 for accessing the COIN in 
step 176. 

In determining whetherto grantthe Infomnation con- 
sumer's request for access in step 178, the Controller 
48 applies the ksgbal sequence of steps as outlined in 
FIGS. 1 1 A and 1 1 B details of whteh shall be elaborated 
bebw. Shouki an access be granted, the Controller 48 
checks If the CID contract has expired In step 182 of 
FIG. 10, i.e., whether all the TAL number of accesses 
have been made by the infomnatbn consumer. If not, 
the COIN Is re-sealed as described below and tiie out- 
come is made available to the information consumer 
through the Informalton Output Channel 29. The Infor- 
mation consumer saves the re-sealad COIN for future 
access In step 1B4. For subsequent accesses, the In- 
formation consumer starts from step 172 by making an- 
other access request to tiis Informatk^n Provider 10. 
This continues until the expiratbn of the contract as in 
step 180. 
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2. Prsparation of Ssaled-CQIN and Seal Opener 

FIG. 8 describes how an inlomnation provider gen- 
erates a Sealed-CX^N. The information provider is 
reacfy to generate a Ssaied-COiN In step 150 if it has s 
the CiD and the values of the assoctaied quantities, 
namely. PiD, ilD. TAI-, i-AD and UID. The infomnatbn 
provider first general ss TAL number df keys, K^. K2, 
KjAL in step 152. Next, In step 154, the information pro- 
vider forms the header fields 119 of the Seated-COIN 
by combining the CiD tor field 120, the value of TAL for 
field 122 and the i(eys for field 124. Then the body 130 
erf the Ssalsd-COiN is formed by encrypting the COIN 
Identified by IlD with koy K^. The header fields 119 In 
turn are encrypted in step 156 to form the header with 
a new key which the Information provkier maintains 
in associatkMi with the contract CiD during the life time 
of the contract. As menttoned earlier, the key Kh forms 
part of the body of the Opener. Finally, the information 
provkier fomns the Seaied-COiN by concatenating the 
header and the body in slep 1 56. 

FIG. 9 illustrates in detail the steps in which the in- 
formation provider generates an Opener. The process 
starts with an infomnation consumer making an access 
request with a valid CID and a number of valid access 
windows AW In step 160. With the CiD, the Infomnation 
provkier finds the corresponding key Kh , which it used 
in step 156 to encrypt the header fields 119 of the 
Seaied-COiN, and encrypts using the information 
provider's secret key PSK In step 162. The Infomrialton 
provkier then forms the Opener by using the Ci D for field 
1 31 , AWs for fieki 1 42 and the above encrypted for 
field 144 in step 164. Finally, the Opener Is generated 
by encrypting the above outcome with the access de- 
vice's pubik: key DPK in step 166. 

3. Access to Seaied-CQIN 

As mentk^ned briefly above, FIGS 1 1 A arxi 1 1 B de- 
scribes the controller's logical steps In determining 
whsther to grant the informatk»i consumer its access 
request. Step 200 checks whether the Input \s uncon- 
trolled tnfornnatlon. An example of uncontrolled Infornna- 
tion is catalog infomnation for the user to browse. If it is 
uncontrolled Information, it is outputted to the output unit 
50 over the clear channel 47. Othenvise, the Controller 
48 asks the Infomnation consumer for an Opener in step 
204. The controller uses its own (i.e., the Access De- 
vice's) secret key DSK to decrypt the Opener to extract 
CID and AWs from fletd 131 and field 142 in step 206. 
From the CiD, the controller extracts the LAD from fieki 
127. The controller checks whether the LAD matches 
with its own (i.e., the Access Devbe's) identifk:ation, and 
verifies whether the current time according to Ctock 55 
is with In one of the AWs found in field 1 42. if any of these 
checks fails, access to controlled rifomnatkMi is denied 
In step 210. 

If the checks in stsp 208 are successful, the con- 



troller extracts the PID from field 121, and thus the in- 
formation provider^ public key PPK In step 212. With 
this key, the controller decrypts the body 145 of the 
Opener to obtain Kh In step 21 4. Using Kh , the comrol- 
ler then, in step 216, decrypts the header 119 of the 
Sealed-COIN presented eariier by the information con- 
sumer. Then it extracts the value of TAL from field 125 
df the header in step 218. The controller then checks in 
step 220 whether T (denting the value TAL-LAL + 1 ) 
is within the range of [1,TAL]. In step 222, the access is 
denied If T Is not within the range. When T is within the 
range, the controller then checks whether T-th access 
has been made in step 224 in FIG. 11B. It is impoilant 
to note that the T-th access is recorded In the mennory 
storage 52 in step 231 . The second and sut>sequent at- 
tempts for the T-th access will be denied In step 222. If 
the T-th access has nc^ been n^ie, the controller then 
decrypts the body 130 of the Sealed-COIN using Key 
Kj found In the header field 124. The controller sends 
the outcome to the Output Unit 50 via clear channel 47 
In step 226. In the case where LAL is greater than 1 , the 
controller proceeds to step 230. Here, the controller re- 
encrypts the COIN using key Kj^^ found in field 124 of 
header 119. Next, the controller decrements the value 
in field 122 of the header 119 by one and encrypts the 
new header using key Kh- The header 119 thus be- 
comes modified header 11 9\ The modified header 119' 
and COIN are concatenated to form a new Seaied-COi N 
which is directed to information Output Channel 29 for 
the Informatton to save. Finally, tn step 231 the current 
value of LAL Is recorded In the storage 52 for the check 
in step 224 whether the T-th access has been made. 
The process terminates in step 232. 

While the present invention has been described 
particularly with reference to FIQS. 1 to 11 B with em- 
phasis on a method for controlling the dissemination of 
digital informatbn in either an off-line or an on-line en- 
vironmem, it should be understood that the figures are 
for illustration only and shouki not be taken as limitatkxis 
on the inverrtkm. In addrtksn, It is clear that the meth<xis 
of the present invention have utility in many applcatbns 
where control of disseminatkan digital information Is 
required. 



Claims 

1. In a system for controlling the disseminatbn of in- 
formatbn by an infonnatbn provkier in an off-line 
manner including at least a storage medium and an 
access devbe at an informatkxi consumer^ dispos- 
al, said informatbn Including both comrolled infor- 
mation, or COIN, arKi uncontrolled informatbn, a 
method for provbing enhanced control over the us- 
age of controlled Information comprising the steps 
of: 

a) encrypting said COIN arxi a header to pro- 
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ducB a Sealed-COIN on said storage medium, 
said header comprising at least a total number 
of legal accesses, number of legal accesses 
left, a plurality of encryption/decryption keys, 
and a medium signature for checking and vali- 
dating the authenttotty of said storage medium; 

b) decrypting said header of said Sealed-COIN 
and checking the values In said header with a 
controller disposed in said access devk^e upon 
access of sakj storage medium by an informa- 
tk>n consumer; said controller dlsaibwing ac- 
cess to informatron if any of the checks fails; 

c) decrypthg said COIN using one of said en- 
crypllon/decryptk)n keys and presenting said 
COIN informatbn to an output unit disposed in 
sakj access device If ail the checks in b) made 
by sakd controller succeed, said header being 
modified to become modified header such that 
sakj number of accesses left is decremented ; 
and 

d) re-encrypting saM COIN and said modified 
header using another of said encryption/de- 
cryptk:tn keys after each access request by said 
information consumer until there is no legal ac- 
cess left, 

whereby said tnf ormalkin provnisr exercises control 
of access by setting values for saM header In ac- 
cordance to the agreement between the information 
provkier and the Informatton consumer, and the In- 
formatton consumer transparently accesses con- 
trolled and uncontrolled informatbn. 

2. The method as defined in claim 1 , characterised in 
that said header further comprises a plurality of ac- 
cess windows, the value of each said access win- 
dow being checked by said controller to pemn'rt ac- 
cess to said infomnatksn during a predetermined pe- 
riod of time. 

3. The method as defined in claim 1 or claim 2 char- 
acterised bi that sakl medium signature permits ac- 
cess to said Informatbn on said access device only 
if sakf controller matches the medium signature of 
said storage medium with the medium signature 
read by sakj access devbe. 

4. In a system for controlling the disseminatbn of in- 
fomnation by an information provider in an on-line 
manner over at least one transmission channel and 
at least one access device at an informatbn con- 
sumer's disposal, said Infomnatlon Including both 
controlled information, or COIN, and uncontrolled 
Infomnatbn, a method for provkling enhanced con- 
trol over the usage controlled Informatbn com- 
prising the steps of: 

a) encrypting said COIN and a header to pro- 



duce a Sealed-COIN before sending sab 
Sealed-COIN to said Infonmatlon consumer, 
sab header comprising at least a total number 
of legal accesses, number of legal accesses 

5 left, a plurality of encryptbrVdecryption keys for 

encrypting sab Infomnatbn, said header being 
encrypted by an encryptbn/decryptbn key Kh 
maintained for the life of a predetennined dts- 
trlbutk») contract; 

10 b) encrypting a Seal Opener upon receiving ac- 

cess request from an information consumer 
and sending said Seal Opener to the informa- 
tbn consumer, sab Seal Opener comprising at 
bast a plural tty of access windows and sab key 
Kh; 

c) decrypting sab Seal Opener with a control ler 
disposed in sab access device, sab controller 
checking the access windows In said Sealed 
Opener upon access by the infomnatbn con- 

20 sumer, said controller disallowing access to 

Informatbn if any of the checks tails; d) de- 
crypting said header said Sealed-COIN and 
checking the values in sab header with a con- 
troller disposed in said access devbe upon ac- 

2S cess of said infonnation by an information con- 

sumer, said controller disalbwing access to In- 
formation if any of the checks fails; 

e) decrypting said COIN using one of sab en- 
cryptbn/decryptbn keys and presenting said 

30 Infornnatlon therein to an output unit disposed 

In said access device rf all the checks In d) 
made by said controller succeed, said header 
being modified to become modified header 
such that sab nunnber of accesses left is dec- 

3S remented; and 

f) re-encrypting sab COIN and sab modified 
header using another of sab encryptbn/de- 
cryptbn keys after each access request by sab 
information consumer until there is no legal ac- 

^ cess left, 

whereby sab infomrtation provider exercises control 
of access by setting values for sab header in ac- 
cordance to the agreement between the information 
45 provider and the information consumer and the In- 
formatbn consumer transparently accesses con- 
trolled and uncontrolled Information. 

6. The method as defried in any of claims 1 to 4 char- 
^ acterised in that sab information comprises digital 
informatbn. 

6. The method as defined in any of claims 1 to 5 char- 
acterised In that said controller permits a predeter- 
^ mined n umber of accesses to sab informatbn upon 
checking the value of sab total number o1 legal ac- 
cesses left. 
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7. The method as dafined in any of claims 1 to 6 char- 
acterised in that said header lurther comprises legal 
access device identification information, the value 
of said legal access Identification being checlced by 
said controller to permit access only on said legal 5 
access device. 

8. The method as defined in any of claims 4 or 5-7, as 
dependent on claim 4^ diaracterised In that the ac- 
cess windows of said Seat Opener are checked by to 
said controller to permit access to said information 
during a predelennined period time only. 

9. The method as defined In any claims 1 to 8 char- 
acterised in that said conlrdler is coupled to said 
output unit over tamper-proof links. 



Patentaneprflche 

so 2. 

1. Verfahren zur Schaffung einer verbesserten Kon- 
trolle Qber den Gsbrauch kontroliierter lnformatk»i 
in einem System zur Steuerung der Verbrettung von 
Information dunch einen Infonnationslieferanten im 
Offline-Betrieb, unter EinGchlu3 von zumindest ei- ^ 
nem Spek:hermedlum und einer Zugrlff8elnrk:h- 
tung, die einem Infomnationsverbraucher zur VerfQ- 3. 
gung steht, wobei die Information sowohl kontrol- 
lierte Information oder COIN als auch unkontrollier- 
te Information ebischlleBt. mil den foigenden Schrit- 30 
ten: 

a) VerschlOsseIn der COIN und eines Anfangs- 
blockes zur Erzeugung einer gesiegelten COIN 

auf dem Speichermedlum. wobei der Anfangs- 3S 4. 
block zumindest eine Gesamtzahl von recht- 
maftigen Zugrlffen. sine Anzahl von verblei- 
benden rechtnndBigen Zugrlffen, e\ne Vielzahl 
von Ver8chlQs6elungs-/EntschlQ&6elung8- 
Schlusseln und eine Medium-Slgnaturzur FrO- ^ 
fung und Validierung der Authenttzitat des 
Spelchermedlums umfaBt, 

b) EmschlQssetung des Anfangsbbckes der 
gesiegelten COI N PrUf en der Werte in dem An- 
fangsblock mil einem Steuergerdt, das h der 
Zugriffseinrichtung angeordnet ist. beim Zugriff 
auf das Spektiermedlum durch einen Informa- 
tbnsverbraucher, wobei das Steuergerat den 
Zugriff auf die informatbn verwsigert, wenn ir- 
gendeine der PrQfungen fehlsch^gt. so 

c) EntschlOsseIn der COIN unter Varwendung 
eines der Verschiusseiungs-ZEntschiOsse- 
iungs-SchlQesel und ZufQhrung der COIN-ln- 
fonmatte>n zu eher Ausgabeebihelt, die In der 
Zugriffseinrichtung angeordnet 1st, wenn alle ss 
von dem Steuergerat in b) durchgsf Ohrten Pr€- 
fungen ertblgreich sind, wobei der Anfangs- 
block modifizisrt wird, um zu einem nr\odifizler- 



ten Anfangsbiockderartzu werden, daB die An- 
zahl der verbleibenden Zugrtffe abw&rts ge- 
zahlt wird, urxi 

d) NeuverschiOsseIn der COIN und des modl- 
fizierten Anfangsblockes unter Varwendung ei- 
nes anderen derVenschlQsselungs-/EntschlOs- 
selungs-SchlQssel nach jeder Zugrfffsanlonde- 
rung von dem infomnationsverbraucher, bis 
kein rechtm§r3lger Zugriff verblieben Ist, 

wodurch der Informatkywiieferant eine Konlrolle 
des Zu griffs durch Festsetzen von Werten fQr den 
Anfangsblock entsprechend der Vereinbarung zwi- 
schen dem InfomnationsllefeiBnien und dem Infor- 
matbnsverbraucher ausGbt und der Infomr^tbns- 
verbraucher In transparenter Weise einen Zugriff 
auf kontrollierts und unkontrollisrts Information 
ausfOhrt. 

Verfahren nach Anspruch 1, dadurch gekennzek^h- 
net, daQ der Anfangsblock weiterhin eine Vielzahl 
von Zugriffsfenstem umfaBt, wobei der Wert jedes 
dieser Zugriff sfenster von dem Steuergerdt geprOft 
wird, um den Zugriff auf die Infomnation wahrend 
einer vorgegebenen Zeitperkxie zuzulassen. 

Verfahren nach Ar^ruch 1 oder 2, dadurch ge- 
kennzek^hnet, daB die Medlum-Slgrtalur den Zugriff 
auf die Infomr^tbn auf der Zugriffseinrichtung ledig- 
llch dann erm&gllcht, wenn das Steuergerit eine 
Ubereinstlmmung der Medium-Signatur des Spel- 
chennediums mit der Medium-Signatur ergibt, die 
von der Zugrtffselnhchtung gelesen wird. 

Verfahren zur Sdiaffung einer verbesserten Kon- 
trdle Qber den Gebrauch kontroliierter informatkxi 
in einem System zur Steuerung der Verbreitung von 
Informatbn durch einen Informationslieferanten in 
einer Oniine-Weise fiber zumindest einen Obertra- 
gungskanal und zumindest eine Zugrtffselnrkdn- 
tung, die einem informationsverbraucherzurVerffi- 
gung steht, wobei die Informatbn sowohl kontrol- 
lierte Information oder COIN als auch unkontroilier- 
te Informatbn einschiisBt, mit den foigenden Schrit- 
ten: 

a) VerschlOsselung der COIN und eines An- 
fangsblockes zur Erzeugung einer gesiegelten 
COIN, bevor die gesbgeite COt N an den Infor- 
matbnsverbraucher gesarKit wird, wobei der 
Anfangsbbck zumindest eine Gesamtzahl von 
rechtmdBigen Zugrfffen, eine Anzahl von ver- 
bleibenden Fechtnna3igen Zugrlffen. eine Vief- 
zahl von VerschiOssetungsV Ent»;hlOsse- 
tungs-SchlOssein zur VerschlOsselung der In- 
formation umfaOt, wobei der Anfangsbbck mit 
einem VerschiOsseiungs-ZEntschlOsselungs- 
SchlOssel Kh vsrschiQsselt ist, der fOr die Lauf- 
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zsit Bines vorgegebenen Viarteilungsvartrages 
aufrechterhalten wird. 

b) VsrechlOsssIn siner Versisgslungsfreigabs 
bel Empfang einerZugrlffsanforderung von ei- 
nsm Informationsverbrauchsr und Senden der 
Verelegelungsf reigabe an den Inlomnatlonsver- 
braucher, wobei die Versisgeiungsfreigabe zu- 
mindest eina Vieizalii von Zugriffsfenstem und 
dsn SdiiOssel i<H umfaOt. 

c) EntschiQsseln der Vareiegeiungsf raigabe mil 
einam in dar Zugrtffseinriclitung angaordneten 
Steuergaral, wobei das Steuargerit das Zu- 
griffslenster in der Varsiegelungsfreigabe bei 
Zugriff durdi den Informalionflvarbraucher 
pruft und das Steuergerat einen Zugriff auf die 
Information verweigert, wenn aha der PrQfun- 
gen feiiischlagt, 

d) EnsdiiOssein des Anfangsbloclces der ge- 
siegelten COIN und PrOfen dar Werla in dam 
Anfangsbiock mit einem in der Zugrrffseinrbh- 
tung angaordneten Stauarger^ bei Zugrtff auf 
die Informatbn durch einen informatbnsver- 
braucher. wobei das SlauergerSI den Zugriff 
aut die Information verweigert, wenn eine der 
PrQfungen fehlschlagt, 

e) EmschlOssein dar COIN unter Verwendung 
eines der VerschlOsselungs-ZEntsciiiusse- 
lungs-SchlQssel und Uafarungderdarin enthal- 
tenen Infomnalion an eine Ausgabeeinheit, die 
in derZugriftselnrichtung angeordnel ist, wenn 
alle die von dom StauargerSt in d) gemachten 
PrQfungen erfolgrelch sind, wobei der Anfangs- 
biock modiftziert wird, urn zu einem nrKXliflzler- 
ten Anfangsblockderart zu werden, daB die An- 
zahl der verbieibendan Zugrfffa abwarts ge- 
zahh wird. 

f) emeutes VerGchlOeseln der COIN und des 
modlfiziartan Anfangsblockes unter Verwen- 
dung eines anderen der VerschlOsseiungsV 
EnlschiQsselungs-Schlilssel nach Jedar Zu- 
griffsanlorderung von dem infomnationsver- 
braucher, bis kein rechlmgQigerZugrifl verblle- 
ban ist, 

wodurch der Informationsileferant eine Kontrol- 
le das Zugritfs dadurch ausObt, da3 Werte f Or 
dsn Anfangsbiock enteprechend der Vereinba- 
rung zwischan dem intonmatlonslieferanten 
und dem Informationsverbraucher gesetzt wer- 
den und der Inlormatbneverbraucher in trans- 
parenter Welse einen Zugrtff auf kontrollierta 
und unkontrollierte Infomnation ausfuhrt. 

5. Verfahren nach einem der Ansprtiche 1 bis 4, da- 
durch gekennzelclinet, daB die Informatkn digitale 
Information unrrfaBt. 

6. Verfahren nach einem der AnsprCche 1 bis 5, da- 
durch gskennzstchnet, daB das Steuergerat erne 



vorgegebene Anzahl von Zugriff en auf die Informa- 
tion nach der PrOfung des Wertes der Qesamtzahl 
der verbleibenden rechtmaBlgen Zugriffe ermog- 
llcht. 

5 

7. Verfahren nach ainem der AnsprOcha 1 bis 6, da- 
durch gekennzelchnat, daB der Anfang8bkx:k wei- 
terhin ldenttfikatk)nsin1ormation fOreine rechtmaSi- 
ge Zugrfffseinrk^htung unnfaBt, wobei der Wert der 

10 rechtnnaBigen Zugriffsinfonnation von dem Steuer- 
gerdt gaprOft wind, urn einen Zugriff ledigltoh auf die 
rechtnnaBige Zugriffseinrichtung zu ermoglichen. 

8. Verfahren nach ekiem der AnsprOche 4 Oder 5 bis 
7 unter RQckbaziehung auf Anspruch 4, church 
gekennzetehnot, daB die Zugriffsfensterder Versle- 
gelungsfreigabe durch das Steuergerat gepruft 
werden, urn den Zugriff auf die Informatbn nur wdh- 
rend ainer vorgegebenen Zeitperiode zuzu lessen. 

20 

9. Verfahren nach einem der AnsprOche 1 bis 8, cte- 
durch gekennzeichnet, daB das Steuergerat mit der 
Ausgabaeinheit Ober nnanlpuilenjngsslchere Ver- 
bhdungen gekoppett ist. 

2S 

Revendicatione 

1. Dane un syst^e pour cont rote r la propagatbn d'in- 
^ formations via un toumlsseur d'Informatbns d'une 
mani^re en diffdrd, englobant au moins un support 
de memoirs el un dlspositif d'acc&s k la disposition 
de I'utlllsateur des informatbns, lesdites Informa- 
tions engbbant k la fois des informations contr&i^ 
3S ou de type COIN et das informatbns non contr6- 
1^, un proc^de pour amdlbrer le con1r6le de t'uti- 
lisation des informatbrw contr&ides, comprenant 
las stapes consistent & 

40 a) chlffrer lesdites informations da type COIN 

et une en-tdte pour obtenir des informatior^ 
prot6g6es de type COIN sur ledlt support da 
m^nnoire, ladite en-tdte comprenant au nnolns 
un nombre total d'accds Idgaux, le nombre 

^5 d'accds I6gaux restants, pluslaurs elds de chif- 

frement/ddchiffrement, et une signature de 
support pour verifier at valldar ['authenticity du- 
dit support da mdmoire; 

b) ddchiflrer ladite en-tdte desdites informa- 
so tbns prc^6g6es de type COIN at verifier las va- 

ieurs c^s ladite en-tdte avec un conlrdleur dts- 
posd dans ledlt dlspositif d'accds bns de I'acc^ 
audit support de mdnru>iFe par un utiiisateurdes 
Infornnatlons; ledlt contrOleur refusant I'accds 
^ aux Informations dans le cas ou rune qualcon- 

que des verifications dchoue; 

c) dtehlffrer lesdites informations de type COIN 
en ulilisant una desditss elds de chtffrement/ 
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ddchiffrement et prteenter lesdites informa- 
tlcm de type COIN £i une unitd de sortie dispo- 
se dans Isdil dispositif d'acc^ lorsque toutas 
les v^ttficatlons dans b) mises en oeuvre par 
Isdit con1r6leur sont cou ronndes de succte, la- s 
dite en-tdte 6tant modlfl^e pou r devenir une en- 
t§t6 modlflte dans le sens ou ledit nombre d'ac- 
cbs restants est ddcr^mentd; et 
d) rechtflrer lesdites hformations de type COIN 
et ladite en-tdte modifies en utilisant une autre 10 
c\6 de chiffremem/d6chlffrement aprds chaque 
demande d'accte drmnanl dudit utilisateur 
d'Infomnatione jusqu'^ epuisement dee accte 
l^gaux, 

par lequel ledit foumlsseur d" informations exer- t£ 
ce un contrdle de racc5s en attribuant des va- 
lours k ladite en-tele en fonction d'uns concer- 
tationentre lo foumlsseur cf Informations ot I'uth 
llsateur des Informations, Tutllisateur des infor- 
mations accSdant de manidre trar^arente aux ^ 
infomnations contr^ldes et non contr^M^. 

2. Proc6dd selon ia reverKiicatlon 1 , caractdrlsd en ce 
que ^dite en-tdte comprend en outre plusieurs fe- 
ndtres d'accds, la valeur de chacune desdites fend- ^ 
tres d'acc&s 6tant v6rlfl6e par ledit contrOieur pour 
permettre Pace to auxdites informations pendant un 
laps de temps pr^^termln^. 

3. Proc6d6 tel que dSflnl k la revendlcatbn 1 ou 2, ca- ^ 
raddrlsd en ce que ladite signature de support per- 
mst d'acceder auxdites informations sur ledit dispo- 
sitif d'accte uniquement torsque ledit contr&leur 
dtabirt une correspondance entre la signature de 
support dudit support de mdmoire et la signature de 3S 
support lue par ledit dispositif d'acx^. 

4. Dans systems pou r cont rdler la propagation d'inf or- 
mations via un f ournisseur confomnations d'une nr^a- 

\ nl^re en llgne sur au molns un canal de transmis- 40 

sion et au moins un dispositif d'accto k la disposi- 
tion d'un utilisateur des Informations, lesdites Infor- 
mations engbbant k la fois des Informations con- 
trdldes ou de type COIN et des informations non 
contrdldes, un proc^d^ pour amdilorer le contrOie 46 
de I'utilisation des informations contrdtdes. comprs- 
nant les dtapes consistant d: 

a) chiffrer lesdites informations de type COIN 
et une en-tdte pour obtenir des Informations so 
protdgdss de type COIN avant d'envoyer lesdi- 
tes Informations prot^g^es de type COIN audit 
utilisateur des infomnations, ladite en-tdte 00m- 
prenant au moins un rtombre tc^l d'acc&s 16- 
gaux, un nombre cfaccds i^ux restants, plu- ^ 
sieurs elds de chiffrement/dtehiffrement pour 
chiffrer lesdites Informations, ladite en-t§te 
dtant chiffrte via une old da chiff rement/dd- 



chiffrement maintsnue perKlant la durda d'un 
contrat de distribution pr6ddtennln6; 

b) chiffrer un dtoxJeur lore de La reception 
d'une demande d'acc&s de la part d'un utilisa- 
teur des informations et envoyer ledit dscodeur 
k I'utillsateur des Infomnations, ledit d6codeur 
comprenant au molns plusieurs fendtres d'ac- 
cks et ladite eld K^; 

c) ddchlffrer ledit ddcodeur avec un contrdleur 
disposd dans le dispositif cf accds, ledit contrd- 
leur vdrlflant les fendtres d'accds dans iedlt ds- 
codeur lors de Paccto via I'utilisateurd'infomna- 
tions, ledit contrdleur refusant facets auxdites 
informations dans le cas ou Tune quelconque 
des verifications dchoue; 

d) ddchtffrer ladite en-tdte desdites Infomia- 
tions prc^gdss de type COIN et verifier les va- 
lours dans ladite en-tdte avec un contraieur dis- 
pose dans ledtt dispositif d'accds lors de I'accds 
auxdites infomiations par un utilisateur des in- 
formations; ledit contrOleur refusant I'accds aux 
informatior^ dans le cas oij fune quelconque 
des vdrfficatlons dchoue; 

e) ddchiffrer lesdites informations de type COIN 
en utilisant une desdites elds de chiffrsment/ 
ddcliltfrement et presenter lesdites inforrra- 
tione de type COI N k une unitd de sortie dispo- 
sde dans Iedlt dispositif d'accds lorsque toutes 
les verifications dans d) mises en oeuvre par 
Iedlt contrOleur sont couronndes de succds, la- 
dite en-tdte dtantmodiflde pourdevenir une en- 
tete modifide dar^s le sens ou ledit nombre d'ac- 
cds restants est ddcrdmentd; et 

f) rechiffrer lesdites infomnations de type COIN 
et ladite en-tdte nnodiflde en utilisant une autre 
cid de cfiiffrement/ddchrff rement aprds chaque 
dennarKle d'accds dmanant dudit utilisateur 
d'infomnatlons jusqu'di dpuisement des accds 
Idgaux. 

par lequel ledit foumisseur d'infomnatlons exerce un 
contrCle de I'accds en attribuant des valeurs k La- 
dite en-tdte en fonction d'une concertatlon entre le 
foumisseur d' informations at {'utilisateur des infor- 
mations, I'utillsateur des informations accddant de 
manidre transparent e aux informations contrdldas 
et non contrdldes. 

5. Procddd tel que ddfini dans Pune quelconque des 
revendlcatbns 1 k 4, caractdrlsd en ce que lesdites 
informations comprennent des snformations numd- 
riques. 

S. Procddd selon rune quelconque des revendlcations 
1 k 5, caractdrlsd en ce que ledit contrdleur permet 
un nombre prdddtermind cf aocds auxdites informa- 
tions aprds vdrtflcatlon de la valeur dudit nombre 
total cf accds Idgaux restants. 
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7. Procddd salon I'une quelconqus dss rsvsndications 
1 & 6, caract^rtsd en ce que ladtte en-tdte comprend 
en outre des informatbns d'identificalion du dispo- 
sltlld'accte l^gal, la valeurdesdites Idemificatlons 

de I'accte dtant vdrifito par ledit contrdleur 5 
pour permettre i'acc^s unlquement audit dteposltif 
daccte Idgal. 

8. Procddd selon I'une quelconque des revendications 

4 ou 5-7 brsqu'elles dependent de la revendtcation to 
4, caractdrlsd en ce que les lendtres d'accte dudtt 
ddcodeur sont vdrifides par (edit contrfileur pour 
permsttFe Taccds auxdites ifTformatione unlque- 
ment au cours d'un laps de temps pr^dtermlnd. 

75 

9. Proc^dd tel que d^flnl ctos I'une quelconque des 
revendications 1^8, caract^risd en cs que ledit 
contrdleur est coupid h ladfte unitd de sortie via des 
l^sons Invlolables. 

20 
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